✻ Microsoft exchange server 2019 cumulative update 7
✻ Microsoft exchange server 2019 cumulative update 8
✻ Microsoft exchange server 2016 cumulative update 18
✻ Microsoft exchange server 2016 cumulative update 19
✻ Microsoft exchange server 2013 cumulative update 23
The alert update is released by 'Cybersecurity and Infrastructure Security Agency, US'
Everyone using Microsoft Exchange on-premise products must
✻ Check for signs of compromise
✻ Immediately patch Microsoft Exchange with the vendor released patch
✻ If unable to patch, remove the products from the network immediately
✻ Upgrade to the latest supported version of Microsoft Exchange
Actions for IT Admins/Staff
Please follow the recommended steps
✻ Patch ALL instances of Microsoft Exchange that you are hosting.
✻ If you can't patch then follow the recommendations Microsoft issued
by Microsoft Exchange Server Vulnerabilities Mitigations,March 2021,Microsoft Security Response Center.
✻ Check for indicators of compromise by running the following script in the given link
✻ If you haven't been compromised we strongly recommend enhanced monitoring of network connections to your Exchange environment
The information provided herein is on "as is" basis, without warranty of any kind.